BSD Commit Log Search

   sqlite3-diff: regen for sqlite3 update

   cmus-legacy: update PLIST for ffmpeg option removal

   - Simplify processing by centralizing: no need to prefix all errors with
     "%lu: %s: " and pass fname, lineno to each; do it in one place.
   - Use emalloc and friends instead of homegrown xmalloc and friends.

   textproc/rumdl: correct first version that requires 1.94

   doc: Updated www/typo3-13 to 13.4.27

   www/typo3-13: update to 13.4.27

   13.4.27 (2026-03-10)

   This version is a bugfix and maintenance release.  For more information,
   please refer: <https://get.typo3.org/release-notes/13.4.27>.

   doc: Updated www/php-ja-wordpress to 6.9.2

   www/php-ja-wordpress: update to 6.9.2

   6.9.2 (2026-03-10)

   This is a security release that features several fixes.

   * A Blind SSRF issue reported by sibwtf, and subsequently by several other
     researchers while the fix was being worked on

   * A PoP-chain weakness in the HTML API and Block Registry reported by Phat
     RiO

   * A regex DoS weakness in numeric character references reported by Dennis
     Snell of the WordPress Security Team

   * A stored XSS in nav menus reported by Phill Savage

   * An AJAX query-attachments authorization bypass reported by Vitaly
     Simonovich

    [12 lines not shown]

   doc: Updated www/wordpress to 6.9.2

   www/wordpress: update to 6.9.2

   6.9.2 (2026-03-10)

   This is a security release that features several fixes.

   * A Blind SSRF issue reported by sibwtf, and subsequently by several other
     researchers while the fix was being worked on

   * A PoP-chain weakness in the HTML API and Block Registry reported by Phat
     RiO

   * A regex DoS weakness in numeric character references reported by Dennis
     Snell of the WordPress Security Team

   * A stored XSS in nav menus reported by Phill Savage

   * An AJAX query-attachments authorization bypass reported by Vitaly
     Simonovich

    [12 lines not shown]

   doc: Updated www/ruby-typhoeus to 1.6.0

   www/ruby-typhoeus: update to 1.6.0

   1.6.0 (2026-03-10)

   * Add Ruby 4.0 to CI matrix and update checkout action to v6. (Geremia
     Taglialatela, #744)

   * Require Ethon >= 0.18.0, removing the upper bound constraint. (Geremia
     Taglialatela, #742)

   * Update RubyDoc link in gemspec metadata. (Felipe Mesquita, #737)

   * Update gem version badge and remove Code Climate badge. (Felipe Mesquita,
     #736)

   doc: Updated www/ruby-sass-embedded to 1.98.0

   www/ruby-sass-embedded: update to 1.98.0

   1.98.0 (2026-03-11)

   * Bumps [sass](https://github.com/sass/dart-sass) from 1.97.3 to 1.98.0.
   - [Release notes](https://github.com/sass/dart-sass/releases)
   - [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)

   doc: Updated www/ruby-aws-partitions to 1.1224.0

   www/ruby-aws-partitions: update to 1.224.0

   1.1224.0 (2026-03-11)

   * Feature - Added support for enumerating regions for Aws::SimpleDBv2.

   doc: Updated devel/ruby-rspec-rails to 8.0.4

   devel/ruby-rspec-rails: update

   8.0.4 (2026-03-10)

   * Released to relax version constraint for rspec to allow 4.0.0.beta1.

   doc: Updated archivers/php-pecl-zip to 1.22.8

   archivers/php-pecl-zip: update to 1.22.8

   1.22.8 (2026-03-06)

   * Fixed bug GH-19932 Memory leak in zip
     setEncryptionName()/setEncryptionIndex().  (David Carlier)

   * Fix memory leak when passing enc_method/enc_password is passed as option
     for ZipArchive::addGlob()/addPattern() and with consecutive calls.
     (David Carlier)

   * Fix crash in property existence test.  (ndossche)

   * Don't truncate return value of zip_fread() with user sizes.  (ndossche)

   security/ruby-securerandom: update Ruby version in comment

   doc: Updated lang/ruby34 to 3.4.9

   lang/ruby34: update to 3.4.9

   3.4.9 (2026-03-11)

   This release includes an update to the zlib gem addressing CVE-2026-27820,
   along with other bug fixes.

   What's Changed:

   * Bug #21715: Miscompilation on x86-64-v2 due to undefined behavior in
     search_nonascii in string.c

   * Bug #21787: IO::Buffer Integer Overflow in Range Validation Leads to
     Out-of-Bounds Memory Access

   * Bug #21757: Splatted args array is mutated when passing unexpected kwargs

   * Bug #21326: Instruction generation differences between parse.y and prism
     for def a(x, ...); b(...); end

    [19 lines not shown]

   archivers/ruby-zlib: exclude ruby34

   fix sparc64 lint

   Updated devel/py-uv[-build]

   py-uv py-uv-build: updated to 0.10.9

   0.10.9

   Enhancements

   Add fbgemm-gpu, fbgemm-gpu-genai, torchrec, and torchtune to the PyTorch list
   Add torchcodec to PyTorch List
   Log the duration we took before erroring
   Warn when using uv_build settings without uv_build
   Add fallback to /usr/lib/os-release on Linux system lookup failure
   Use cargo auditable to include SBOM in uv builds

   Configuration

   Add an environment variable for UV_VENV_RELOCATABLE

   Performance


    [17 lines not shown]

   Updated security/defguard, security/defguard-gateway, security/defguard-proxy

   defguard-proxy: updated to 1.6.3

   1.6.3

   This is a patch for the major 1.6 release.
   It includes dependency updates to resolve the following CVEs:

   CVE-2026-25541
   CVE-2026-25727
   CVE-2026-25639
   CVE-2026-2391

   defguard-gateway: updated to 1.6.3

   1.6.3

   This is a security patch for the major 1.6 release.
   It includes dependency updates to resolve the following CVEs:

   CVE-2026-25541
   CVE-2026-25727